ルータ化
router設定
http://netlog.jpn.org/r271-635/2013/04/raspberry_pi_wifiap_router.html
# apt-get install ifmetric
(IP forwardの設定)
# vi /etc/sysctl.conf ---- net.ipv4.ip_forward=1
または・・・
# echo 1 >/proc/sys/net/ipv4/ip_forward
(ifのmetricを設定して優先順位)
# vi /etc/dhcpcd.conf interface bond0 metric 10 interface eth1 metric 0
(iptablesの設定)
# vi /etc/network/if-pre-up.d/iptables #!/bin/sh iptables -F -t nat iptables -t filter -F iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE iptables -A FORWARD -i eth1 -o bond0 -m state --state RELATED,ESTABLISHED -j ACCEPT iptables -A FORWARD -i bond0 -o eth1 -j ACCEPT # chmod 755 /etc/network/if-pre-up.d/iptables
(interfacesの設定) !!これを設定するとNG!!
# vi /etc/network/interfaces iface eth1 dhcp
(参考: iproute2の操作)
ip link list (リンク表示) ip address show (IP表示) ip route show (経路表示) ip rule list (ルール表示) ip route list table main (テーブル表示) ip rule add from 10.0.0.10 table John (テーブル追加) ip route add default via 195.96.98.253 dev ppp2 table John (テーブルへエントリを追加) ip route add default via 10.137.40.1 dev eth1 table main metric 210 ip route flush cache (更新を反映)
hostapd以降
http://www.ems.jp/Raspberry_Pi/install.html
★hostapd
$sudo apt-get install hostapd
$vi /etc/network/interfaces auto lo iface lo inet loopback allow-hotplug eth0 iface eth0 inet static address 192.168.1.99 netmask 255.255.255.0 gateway 192.168.1.1 # auto wlan0 iface wlan0 inet static address 192.168.0.1 netmask 255.255.255.0 gateway 192.168.0.1
$vi /etc/hostapd/hostapd.conf interface=wlan0 driver=nl80211
ssid=myap hw_mode=g channel=1
wpa=2 wpa_passphrase=stoneshark wpa_key_mgmt=WPA-PSK wpa_pairwise=TKIP rsn_pairwise=CCMP
$vi /etc/init.d/hostapd ---- DAEMON_CONF=/etc/hostapd/hostapd.conf
システム設定
$vi /etc/sysctl.conf ---- kernel.printk = 3 4 1 3
net.ipv4.conf.default.rp_filter = 1 net.ipv4.tcp_syncookies = 1 net.ipv4.ip_forward = 1 vm.swappiness=1 vm.min_free_kbytes = 8192
iptables
内側を指定する
http://netlog.jpn.org/r271-635/2013/04/raspberry_pi_router.html
$vi /etc/network/if-pre-up.d/iptables ---- #!/bin/sh iptables -F -t nat iptables -t nat -A POSTROUTING -o eth0 -j MASQUE $ sudo chmod 755 /etc/network/if-pre-up.d/iptables
DHCPサーバ
$sudo apt-get install isc-dhcp-server
$ vi /etc/dhcp/dhcpd.comf
----
ddns-update-style none;
option domain-name "example.org";
option domain-name-servers ns1.example.org, ns2.example.org;
default-lease-time 6000;
max-lease-time 72000;
subnet 192.168.0.0 netmask 255.255.255.0 {
range 192.168.0.11 192.168.0.200;
option domain-name-servers 8.8.8.8, 8.8.4.4;
option domain-name "lan";
option routers 192.168.0.1;
option broadcast-address 192.168.0.255;
}
#vi /etc/default/isc-dhcp-server ---- INTERFACES="wlan0 eth1" #eth0かeth1かwlan0か、要チェック
DHCP サーバ(2)
#vi /etc/default/isc-dhcp-server INTERFACES="wlan0 eth1"
# vi /etc/dhcp/dhcpd.conf
----
subnet 192.168.20.0 netmask 255.255.255.0 {
range 192.168.20.10 192.168.20.20;
option broadcast-address 192.168.20.255;
option routers 192.168.20.1;
default-lease-time 600;
max-lease-time 7200;
option domain-name "local-20";
# option domain-name-servers 8.8.8.8, 8.8.4.4;
option domain-name-servers 192.168.20.1;
}
subnet 192.168.21.0 netmask 255.255.255.0 {
range 192.168.21.10 192.168.21.20;
option broadcast-address 192.168.21.255;
option routers 192.168.21.1;
default-lease-time 600;
max-lease-time 7200;
option domain-name "local-21";
# option domain-name-servers 8.8.8.8, 8.8.4.4;
option domain-name-servers 192.168.21.1;
}
# service isc-dhcp-server restart
